A surprisingly simple problem turns out to be a major security risk:
downloading publicly accessible files that contain private data from
web servers.

In the course of this research the speaker was able to find weak
database passwords of the German Social Democrats, the so-called
"Volksverschlüsselung" and others via Git and Subversion repositories.
Many sites, including a large online pharmacy and the German postal
service, exposed database dumps with standard filenames like dump.sql
[1]. Countless sites were found with backup files and VIM swap files
exposed in the web root, revealing source code (often complete with
passwords and API keys) to anyone who knows where to look. Dozens of
sites were vulnerable to complete takeover because the maintainers
had failed to remove references to abandoned subdomains [2]. In
addition to recovering source code and passwords, it turns out that
simple HTTP requests are sometimes enough to steal private keys. Let's
have a look at how to get other people's certificates revoked if they
have exposed their private key - and also how to revoke them if you
don't have their private key, by simply faking one [3].
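As an added example (not the speaker's forthcoming scanner), a defender-side check that walks a local document root before deployment and flags the file classes described above: repository metadata, VIM swap files, editor backups and database dumps. The pattern classes and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

# Constructed pattern classes (illustrative, not exhaustive).
SUSPECT_DIRS = {".git", ".svn"}  # repository metadata left in the web root
SUSPECT_PATTERNS = [
    ("vim swap file", re.compile(r"^\..*\.sw[a-p]$")),      # .index.php.swp
    ("editor backup", re.compile(r".*(~|\.bak|\.orig)$")),  # config.php~
    ("database dump", re.compile(r".*\.sql(\.gz)?$")),      # dump.sql
]


def audit_webroot(root):
    """Return sorted (category, relative path) findings beneath root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for d in list(dirnames):
            if d in SUSPECT_DIRS:
                rel = os.path.relpath(os.path.join(dirpath, d), root)
                findings.append(("vcs metadata", rel.replace(os.sep, "/")))
                dirnames.remove(d)  # the whole tree is a finding; skip it
        for f in filenames:
            for category, pattern in SUSPECT_PATTERNS:
                if pattern.match(f):
                    rel = os.path.relpath(os.path.join(dirpath, f), root)
                    findings.append((category, rel.replace(os.sep, "/")))
                    break
    return sorted(findings)


def build_sample_tree():
    """Create a constructed web root with a few leaks mixed in."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, ".git", "objects"))
    os.makedirs(os.path.join(root, "inc"))
    for name in ("index.php", ".index.php.swp", "inc/config.php",
                 "inc/config.php~", "dump.sql"):
        with open(os.path.join(root, name), "w") as fh:
            fh.write("placeholder\n")
    return root


if __name__ == "__main__":
    for category, path in audit_webroot(build_sample_tree()):
        print(f"{category:14s} {path}")
```

Run it against the real document root in a deploy hook; an empty result is the expected state, and anything else should block the deploy until the file is removed or access to it is denied in the server configuration.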

Investigating further methods to talk to web servers over HTTP led to
the discovery of the Optionsbleed bug in the Apache web server [4].
Optionsbleed is a memory corruption bug that exposes parts of the
server’s memory in certain configurations when sending a special HTTP
request.

Let's look at how the simplest attacks can sometimes be the best, and how
to hack with wget and plain HTTP requests. The speaker will publish a free
tool that can be used to scan for all the vulnerabilities presented in
the talk.